From ed1263bf8c6c678420eb1b9ad3f37d3a6d33af7c Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Fri, 2 Aug 2024 00:20:53 +0200
Subject: Implement detection of volumes with vulnerable XTS master key.

If vulnerability detected, a warning message is displayed during mount or backup/restore header, and changing the password is disallowed since it will not change the master key.
---
 src/Volume/VolumeHeader.h | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'src/Volume/VolumeHeader.h')

diff --git a/src/Volume/VolumeHeader.h b/src/Volume/VolumeHeader.h
index 85908711..18a52950 100644
--- a/src/Volume/VolumeHeader.h
+++ b/src/Volume/VolumeHeader.h
@@ -76,6 +76,7 @@ namespace VeraCrypt
 		uint64 GetVolumeDataSize () const { return VolumeDataSize; }
 		VolumeTime GetVolumeCreationTime () const { return VolumeCreationTime; }
 		void SetSize (uint32 headerSize);
+		bool IsMasterKeyVulnerable () const { return XtsKeyVulnerable; }
 
 	protected:
 		bool Deserialize (const ConstBufferPtr &header, shared_ptr <EncryptionAlgorithm> &ea, shared_ptr <EncryptionMode> &mode);
@@ -120,6 +121,7 @@ namespace VeraCrypt
 		uint32 SectorSize;
 
 		SecureBuffer DataAreaKey;
+		bool XtsKeyVulnerable;
 
 	private:
 		VolumeHeader (const VolumeHeader &);
-- 
cgit v1.2.3